I had a couple of questions and I was hoping one of you may have some
ideas, tips, advise, anything. :-)
Right now we have a single NetBackup 6.5.4 master server running on
RedHat Linux ES 4.0 and as far as security is concerned we are just
using OS level security. i.e. users are created at the server level
that have access to run the Java admin console. We typically lease our
servers for 3 years and the lease will be up in March. I have gone
through a few Master server lease returns so I am not worried about that
but I wanted to add that bit of information. I would like to accomplish
a few things in the coming months, but I want to make sure that
everything is done is the right order to minimize risk and extra,
1. I would like to cluster the Master. At a minimum living at the same
datacenter, but optimally having the passive node offsite. Pretty sure
to do this I will need both Storage Foundation, and if I wanted to have
a passive offsite I would also need volume replicator.
2. I would like to implement NBAC. Master being the root, but I had
plans on their being a windows AB so that I could use our domain
credentials. I would like to hand off some of the backup/restore
functions to others without giving them access to everything.
I may be mistaken in my understanding of clustering NetBackup but I
don't believe you can cluster a current standalone without going through
the process of rebuilding a new server and doing a catalog restore.
What are the issues with or process for migrating the NBAC root off of
one server to another when a cluster is not involved. In other words,
if I put NBAC in, and we had to do the lease return before we have
clustered does anyone have the correct steps to take? I would imagine
there would be an issue with the certificates but I could be wrong.
Finally, IF (big if) all of this was done prior to the lease return,
does that make things as easy as I am thinking they would be. Something
as simple as bringing a new server into the cluster, failing over to the
new server and removing the old one out.
Sorry for the wall of text, but thank you in advance to anyone who can
Chris Alley, MCSE
Sr. Data Protection Administrator
Kforce Technology Services
Great People = Great Results(r)
Confidentiality Notice: This email message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and/or privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply email and destroy
all copies of the original.
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu